Can not access network after run. #8

Open
ghost opened this issue Nov 4, 2017 · 5 comments


ghost commented Nov 4, 2017

Can't ping any IP address after running INTANG.

Logs below:

root@MT-FFW:~/INTANG# cat /var/log/intangd.log
1509784754.117323 [INFO] Current version: 7
1509784754.117417 [INFO] Starting redis server.
1509784754.132627 [INFO] Connecting to TCP DNS server.
1509784754.132683 [INFO] Building sync connection with redis server.
1509784754.132789 [INFO] Sync connection built successfully.
1509784754.133486 [INFO] Loading historical results from redis.
1509784754.133559 [INFO] Loading TTL from redis.
1509784754.133606 [INFO] Async connection built successfully.
1509784754.210977 [INFO] Connected to TCP DNS server.
1509786394.025924 [ERROR] Send keep alive packet failed. errno: 32
1509786394.026021 [INFO] Connecting to TCP DNS server.
1509786409.197055 [INFO] Connected to TCP DNS server.
1509786474.241366 [ERROR] Send keep alive packet failed. errno: 32
1509786474.241454 [INFO] Connecting to TCP DNS server.
1509786474.394250 [INFO] Connected to TCP DNS server.

OS: UBUNTU 16.04 X64.
USER: ROOT
Already ran "iptables -F".

Thanks.

Collaborator

gkso commented Nov 4, 2017

INTANG will not intercept ICMP messages, so I think it shouldn't cause ping failures. Could you check if there are any other network problems?


wincber commented Nov 4, 2017

Same issue (my testing is on a Raspberry Pi)
and no error log

Thanks!

Collaborator

gkso commented Nov 5, 2017

Since I don't have the environment to reproduce the problem, maybe you can try tcpdump and share the dumped packets here.


nyannko commented Dec 6, 2017

Hi, I have the same issue when trying to ping www.baidu.com.

steps:

  1. iptables -F
  2. ./run.sh
  3. ping www.baidu.com

iptables -L:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  anywhere             anywhere
NFQUEUE    tcp  --  anywhere             anywhere             tcp spt:http flags:RST/RST NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp spt:http flags:SYN,ACK/SYN,ACK NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp spt:http flags:SYN,RST,ACK/ACK u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x48545450" NFQUEUE num 1

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,ACK/SYN mark match ! 0x9 NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,RST,ACK/ACK mark match ! 0x9 length 0:80 NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,RST,ACK/ACK mark match ! 0x9 u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x47455420" NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,RST,ACK/ACK mark match ! 0x9 u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x504f5354" NFQUEUE num 1

tcpdump:

21:35:39.173229 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 48, length 64
21:35:39.207895 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 48, length 64
21:35:40.173233 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 49, length 64
21:35:40.195614 IP 106.11.68.13.http > myhost.58566: Flags [P.], seq 10:20, ack 5803, win 62980, length 10: HTTP
21:35:40.195680 IP myhost.58566 > 106.11.68.13.http: Flags [.], ack 20, win 39680, length 0
21:35:40.207765 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 49, length 64
21:35:40.285563 IP myhost.58566 > 106.11.68.13.http: Flags [P.], seq 5803:5809, ack 20, win 39680, length 6: HTTP
21:35:40.318712 IP 106.11.68.13.http > myhost.58566: Flags [.], ack 5809, win 62980, length 0
21:35:41.008234 IP 39.107.14.208.59495 > myhost.50002: Flags [S], seq 1092021452, win 65535, options [mss 1460], length 0
21:35:41.008266 IP myhost.50002 > 39.107.14.208.59495: Flags [R.], seq 0, ack 1092021453, win 0, length 0
21:35:41.008392 IP myhost.33394 > 100.100.2.136.domain: 13894+ PTR? 208.14.107.39.in-addr.arpa. (44)
21:35:41.032634 IP 100.100.2.136.domain > myhost.33394: 13894 NXDomain 0/1/0 (115)
21:35:41.173231 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 50, length 64
21:35:41.207721 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 50, length 64
21:35:42.173232 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 51, length 64
21:35:42.207936 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 51, length 64
21:35:43.173235 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 52, length 64
21:35:43.207872 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 52, length 64
21:35:44.173231 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 53, length 64
21:35:44.208047 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 53, length 64
21:35:45.173235 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 54, length 64
21:35:45.207737 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 54, length 64
21:35:46.173237 IP myhost > 220.181.111.188: ICMP echo request, id 11142, seq 55, length 64
21:35:46.207740 IP 220.181.111.188 > myhost: ICMP echo reply, id 11142, seq 55, length 64
21:35:46.790406 IP myhost.46008 > resolver2.opendns.com.domain: Flags [P.], seq 322:368, ack 855, win 229, options [nop,nop,TS val 1726329092 ecr 491174437], length 466751+ A? www.aiojewewrrewqddsag.com. (44)
21:35:46.835789 IP resolver2.opendns.com.domain > myhost.46008: Flags [P.], seq 855:977, ack 368, win 22, options [nop,nop,TS val 491176438 ecr 1726329092], length 1226751 NXDomain 0/1/0 (120)
21:35:46.835817 IP myhost.46008 > resolver2.opendns.com.domain: Flags [.], ack 977, win 229, options [nop,nop,TS val 1726329137 ecr 491176438], length 0

It seems that my host tries to resolve the domain name repeatedly but never succeeds. I don't know why.
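
An added example, not part of the comment above and not code from the INTANG project: a small parser for the `iptables -L` listing that decodes the u32 payload constants in the NFQUEUE rules and flags any rule discarding ICMP. The listing's INPUT chain starts with `DROP icmp`, and tcpdump captures inbound packets before the INPUT chain is evaluated, so echo replies can appear in a capture and still never reach `ping`. The function names and the embedded sample (a subset of the posted listing) are constructed for illustration.

```python
import re

# Constructed sample: a subset of the `iptables -L` listing posted above.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  anywhere             anywhere
NFQUEUE    tcp  --  anywhere             anywhere             tcp spt:http flags:SYN,RST,ACK/ACK u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x48545450" NFQUEUE num 1

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,ACK/SYN mark match ! 0x9 NFQUEUE num 1
NFQUEUE    tcp  --  anywhere             anywhere             tcp dpt:http flags:SYN,RST,ACK/ACK mark match ! 0x9 u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x47455420" NFQUEUE num 1
"""

# u32 idiom used in the listing: skip the IP header (IHL*4), then the TCP
# header (data offset*4), and compare the first 4 payload bytes to a constant.
U32_PAYLOAD = re.compile(r'u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0=0x([0-9a-fA-F]{8})"')

def parse_rules(listing):
    """Return one dict per rule: chain, target, proto, decoded payload prefix."""
    rules, chain = [], None
    for line in listing.splitlines():
        fields = line.split()
        if not fields or fields[0] == "target":   # blank line or column header
            continue
        if fields[0] == "Chain":
            chain = fields[1]
            continue
        m = U32_PAYLOAD.search(line)
        prefix = bytes.fromhex(m.group(1)).decode("ascii") if m else None
        rules.append({"chain": chain, "target": fields[0],
                      "proto": fields[1], "payload_prefix": prefix})
    return rules

def icmp_blockers(rules):
    """DROP/REJECT rules whose protocol column covers ICMP."""
    return [r for r in rules
            if r["proto"] in ("icmp", "all") and r["target"] in ("DROP", "REJECT")]

if __name__ == "__main__":
    rules = parse_rules(SAMPLE)
    for r in rules:
        print(r["chain"], r["target"], r["proto"], repr(r["payload_prefix"]))
    for r in icmp_blockers(rules):
        print("ICMP discarded in chain", r["chain"], "by", r["target"])
```

On a live host the same functions can be fed the output of `iptables -L` captured as text; the decoded prefixes in the full listing are `HTTP`, `GET ` and `POST`.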


wincber commented Dec 18, 2017

I still have the ICMP problem, but I do have access to websites like wordpress.com, etc. Of course, including Baidu. You could try to browse websites via a browser... :)
